What is ransomware and how do you protect against it?

Ransomware has been rising at an “alarming rate,” according to security researchers, with a 3,500 percent increase in criminal use of net infrastructure that helps run ransomware campaigns. According to Microsoft, the U.S. has the highest number of ransomware attacks, with more than 300,000. It can affect anyone with a computer or mobile device, and there are already plenty of examples of large businesses, especially healthcare, being victimized and shelling out large amounts of money to get their data back.

How does ransomware work?

Ransomware is malware that is downloaded onto your computer. It allows someone to block access to your files or your computer using encryption until you pay a ransom, usually in Bitcoin. Ransoms vary from a few hundred dollars to a few thousand, depending on the user (individual or business). It puts victims in a bind: On the one hand, if the ransom isn’t paid, they risk permanent data loss. On the other hand, most companies don’t recommend paying because doing so doesn’t guarantee safe return of your files.

It’s up to you whether you want to pay to get your data back, and how much you can afford the downtime associated with an attack and the risk to your data if you don’t pay the ransom. And unfortunately, once you are already a victim of ransomware, crooks are more likely to target you again because they’ve gotten past your vulnerable systems.

Remove ransomware safely

What can you do if you’re locked out? It might seem like an impossible task, but you should try to recover your systems before paying any kind of ransom. If you back up your files regularly, you may have a previous version you can restore to before the infection. Contact your IT department so they can shut down your network and take any other precautions necessary.

If your business computer or network was infected, you may need to alert certain authorities that your data has been compromised, such as the Office of Civil Rights for healthcare companies. In most ransomware attacks, data is not stolen, merely encrypted.

Protect against ransomware

How can you thwart an attempt by hackers to ransom your data? For one, train your employees to recognize phishing emails that are most likely hiding malware and to avoid downloading files from people they don’t know. Employ strong anti-virus software and keep your applications patched and up to date. Malware is also quite popular in macros for Office documents, so you should disable macros in your Office security settings. Finally, install ad blockers to prevent malicious ads from automatically downloading malware onto your computer.

Backing up your data regularly to a secure, offsite facility is also smart. Some versions of ransomware can encrypt onsite backups, meaning they are useless to you if ransomware affects those files as well. Have a strong backup solution in place that is easily recoverable should you need it. It exists for a reason!

Remember, always be vigilant about your security. Train your employees to recognize and avoid suspicious content, including untrusted websites that are malware breeding grounds. Having a strong technical security solution can also help prevent ransomware attacks.

Other ransomware resources:

If you're curious about ransomware, learn more from these blog posts:

Ransomware and healthcare: What you need to know: Ransomware was officially a billion dollar crime in 2016, with more than 4,000 attacks since Jan. 1 and at least 25 variants of ransomware discovered. Researchers have predicted they would discover more than 100 variants before year’s end... (read more)

How does Ransomware as a Service work? Ransomware has made headlines time and again for its devastating effectiveness on governments and organizations, but researchers are starting to pay attention to a developing trend within ransomware: Ransomware as a Service (RaaS)... (read more)